Hi, > CAN-2003-0826 > > Bennett Todd discovered a heap buffer overflow in lshd which could > lead to the execution of arbitrary code.
This vulnerability was reported 18 months ago. Is it possible to know: - why it wasn't fixed in the meantime -how it was found out it hadn't been done? If Debian was the only distrib late, should I consider this security status Debian specific? Jerome -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
